On macOS ¶

Assuming the path to your generated CA certificate is ~/My-CA.pem, run (as root):

1security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/My-CA.pem

A dialog box will appear asking for an administrator’s username and password. Enter it, and it will be stored in the system keychain. This can be verified by opening the Keychain Access application (/Applications/Utilities/Keychain Access.app). On the sidebar under System Keychains select System, and the new certificate should be listed.

Siehe auch “Step 4 – Import root certificate to users devices” im Kapitel “openssl” bzw. den “Step 5” im Kapitel “cfssl” in einer anderen Fundstelle.

For MAC OS:

• Open up Keychain Access by searching it on Spotlight (clicking the Magnifying glass located on the upper right corner)
• Select File > Import Items. Find the generated root certificate. Select System as “Destination Keychain”
• Enter password when prompted
• Logoff to take effect

Auch im “Proxmox”-Wiki gibt es einen Artikel zum Hinzufügen von Zertifikaten zum Trust-Store von macOS.